一些自用的kubectl命令
重启pod
1 2 3
| NAME_SPACE=anyonedev kubectl get pod podname -n=${NAME_SPACE} -o yaml | kubectl replace --force -f -
|
强制删除pod
解决:加参数 --force --grace-period=0
grace-period表示过渡存活期,默认30s,在删除POD之前允许POD慢慢终止其上的容器进程,从而优雅退出
0表示立即终止POD
1 2
| kubectl delete pod <your-pod-name> -n=<name-space> --force --grace-period=0
|
根据状态过滤批量操作
过滤条件: ImagePullBackOff|CrashLoopBackOff|Evicted|Terminating
1 2 3 4 5 6 7 8
| NAME_SPACE=anyonedev
# kubectl get pods -n=${NAME_SPACE} | grep -E 'ImagePullBackOff|CrashLoopBackOff' | awk '{print $1}' | xargs kubectl delete pod -n=${NAME_SPACE}
# kubectl get pods -n=${NAME_SPACE} | grep -E 'Evicted|Terminating' | awk '{print $1}' | xargs kubectl get pod -n=${NAME_SPACE} -o yaml | kubectl replace --force -f -
|
pod-forward
1 2 3 4
| kubectl port-forward --address 0.0.0.0 pod/pod名称 暴露端口:内部端口 kubectl port-forward --address 0.0.0.0 service/service名称 暴露端口:内部端口
|
生成kubernetes集群最高权限admin用户的token
参考:https://jimmysong.io/kubernetes-handbook/guide/auth-with-kubeconfig-or-token.html
粘贴如下内容
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23
| kind: ClusterRoleBinding apiVersion: rbac.authorization.k8s.io/v1beta1 metadata: name: lin-admin annotations: rbac.authorization.kubernetes.io/autoupdate: "true" roleRef: kind: ClusterRole name: cluster-admin apiGroup: rbac.authorization.k8s.io subjects: - kind: ServiceAccount name: lin-admin namespace: kube-system --- apiVersion: v1 kind: ServiceAccount metadata: name: lin-admin namespace: kube-system labels: kubernetes.io/cluster-service: "true" addonmanager.kubernetes.io/mode: Reconcile
|
1 2 3 4 5 6
| kubectl create -f lin-admin-role.yaml
kubectl -n kube-system get secret|grep lin-admin-token
kubectl -n kube-system describe secret lin-admin-token-rhz5b
|